Skip to content
GitLab
Select Git revision
  • dev default
  • 6378-orcid-test-method-is-wrong-and-break-orcid-saving
  • core-php8
  • master
  • 6342-update-the-locales-for-1-5
  • 6344-template-issue-when-creating-a-template-with-empty-password-error-message-should-not-be-seen
  • 6365-core-locking-mechanism-is-not-changing-the-mail-ressource-it-does-lock-the-mail-account
  • 6365-core-when-lock-mechanism-is-trigger-the-user-should-not-be-editable-if-not-unlock
  • fusiondirectory-1.5
  • fusiondirectory-1.4
  • fusiondirectory-1.3.1
  • fusiondirectory-1.3
  • fusiondirectory-1.2.3
  • fusiondirectory-1.2.2
  • fusiondirectory-1.2.1
  • fusiondirectory-1.2
  • fusiondirectory-1.1.1
  • fusiondirectory-1.1
  • fusiondirectory-1.0.20
  • fusiondirectory-1.0.19
  • fusiondirectory-1.0.18
  • fusiondirectory-1.0.17
  • fusiondirectory-1.0.16
  • fusiondirectory-1.0.15
  • fusiondirectory-1.0.14
  • fusiondirectory-1.0.13
  • fusiondirectory-1.0.12
  • fusiondirectory-1.0.11
Find file BlameHistoryPermalink
class_objects.inc 13.19 KiB
1 
<?php
2
3 
/*
4 
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
5 
  Copyright (C) 2013-2018  FusionDirectory
6
7 
  This program is free software; you can redistribute it and/or modify
8 
  it under the terms of the GNU General Public License as published by
9 
  the Free Software Foundation; either version 2 of the License, or
10 
  (at your option) any later version.
11
12 
  This program is distributed in the hope that it will be useful,
13 
  but WITHOUT ANY WARRANTY; without even the implied warranty of
14 
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 
  GNU General Public License for more details.
16
17 
  You should have received a copy of the GNU General Public License
18 
  along with this program; if not, write to the Free Software
19 
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
20 
*/
21
22 
/*!
23 
 * \brief Class for handling objects and their types
24 
 *
25 
 * Allows to list, open, create and delete objects
26 
 */
27 
class objects
28 
{
29 
  /*!
30 
   * \brief Get list of object of objectTypes from $types in $ou
31 
   *
32 
   * \param array   $types the objectTypes to list
33 
   * \param mixed   $attrs The attributes to fetch.
34 
   * If this is a single value, the resulting associative array will have for each dn the value of this attribute.
35 
   * If this is an array, the keys must be the wanted attributes, and the values can be either 1, '*' or 'raw'
36 
   *  depending if you want a single value or an array of values. 'raw' means untouched LDAP value and is only useful for dns.
37 
   *  Other values are considered to be 1.
38 
   * \param string  $ou the LDAP branch to search in, base will be used if it is NULL
39 
   * \param string  $filter an additional filter to use in the LDAP search.
40 
   * \param boolean $checkAcl should ACL be ignored or checked? Defaults to FALSE.
41 
   * \param string  $scope scope, defaults to subtree. When using one, be careful what you put in $ou.
42 
   *
43 
   * \return The list of objects as an associative array (keys are dns)
44 
   */
45 
  static function ls ($types, $attrs = NULL, $ou = NULL, $filter = '', $checkAcl = FALSE, $scope = 'subtree')
46 
  {
47 
    global $ui, $config;
48
49 
    if ($ou === NULL) {
50 
      $ou = $config->current['BASE'];
51 
    }
52
53 
    if (!is_array($types)) {
54 
      $types = [$types];
55 
    }
56
57 
    if ($checkAcl) {
58 
      if (count($types) > 1) {
59 
        throw new FusionDirectoryException('Cannot evaluate ACL for several types');
60 
      }
61 
      $infos = static::infos(reset($types));
62 
      $acl = $infos['aclCategory'].'/'.$infos['mainTab'];
63 
    }
64
65 
    $attrsAcls = [];
66 
    if ($attrs === NULL) {
67 
      $attrs = [];
68 
      foreach ($types as $type) {
69 
        $infos = static::infos($type);
70 
        if ($infos['mainAttr']) {
7172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
$attrs[] = $infos['mainAttr']; } } $attrs = array_unique($attrs); if (count($attrs) == 1) { $attrs = $attrs[0]; } elseif (count($attrs) == 0) { $attrs = ['dn' => 'raw']; } } elseif ($checkAcl) { if (is_array($attrs)) { $search_attrs = array_keys($attrs); } else { $search_attrs = [$attrs]; } foreach ($search_attrs as $search_attr) { $category = $ui->getAttributeCategory($types[0], $search_attr); if ($category === FALSE) { throw new FusionDirectoryException('Could not find ACL for attribute "'.$search_attr.'"'); } if ($category === TRUE) { continue; } if (strpos($ui->get_permissions($ou, $category, $search_attr), 'r') === FALSE) { $attrsAcls[$search_attr] = [$category, $search_attr]; } } } if (is_array($attrs)) { $search_attrs = array_keys($attrs); } else { $search_attrs = [$attrs]; } try { $ldap = static::search($types, $search_attrs, $ou, $filter, $checkAcl, $scope, FALSE, $partialFilterAcls); } catch (NonExistingBranchException $e) { return []; } $result = []; while ($fetched_attrs = $ldap->fetch()) { $key = $fetched_attrs['dn']; if ($checkAcl) { if (strpos($ui->get_permissions($key, $acl), 'r') === FALSE) { continue; } foreach ($partialFilterAcls as $partialFilterAcl) { if (strpos($ui->get_permissions($key, $partialFilterAcl[0], $partialFilterAcl[1]), 'r') === FALSE) { continue 2; } } } if (is_array($attrs)) { $result[$key] = []; foreach ($attrs as $attr => $mode) { if (isset($fetched_attrs[$attr])) { if (isset($attrsAcls[$attr]) && (strpos($ui->get_permissions($key, $attrsAcls[$attr][0], $attrsAcls[$attr][1]), 'r') === FALSE)) { continue; } switch ($mode) { case '*': unset($fetched_attrs[$attr]['count']); case 'raw': $result[$key][$attr] = $fetched_attrs[$attr]; break; case 1: default: $result[$key][$attr] = $fetched_attrs[$attr][0];